High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-19	CVE-2021-3498	Out-of-bounds Write vulnerability in multiple products GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. local low complexity gstreamer-project redhat debian CWE-787	7.8
2021-04-19	CVE-2021-3497	Use After Free vulnerability in multiple products GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska files. local low complexity gstreamer-project redhat debian CWE-416	7.8
2021-04-19	CVE-2021-29457	Heap-based Buffer Overflow vulnerability in multiple products Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. local low complexity exiv2 fedoraproject debian CWE-122	7.8
2021-04-15	CVE-2021-20288	Improper Authentication vulnerability in multiple products An authentication flaw was found in ceph in versions before 14.2.20. network low complexity linuxfoundation redhat fedoraproject debian CWE-287	7.2
2021-04-08	CVE-2021-29154	Command Injection vulnerability in multiple products BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. local low complexity linux fedoraproject debian netapp CWE-77	7.8
2021-04-06	CVE-2021-30130	Improper Verification of Cryptographic Signature vulnerability in multiple products phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification. network low complexity phpseclib debian CWE-347	7.5
2021-04-06	CVE-2021-30164	Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API. network low complexity redmine debian	7.5
2021-04-05	CVE-2021-20308	Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in the htmldoc 1.9.11 and before may allow attackers to execute arbitrary code and cause a denial of service that is similar to CVE-2017-9181. network low complexity htmldoc-project debian CWE-190	7.5
2021-04-05	CVE-2021-20305	Out-of-bounds Write vulnerability in multiple products A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. network high complexity nettle-project redhat fedoraproject netapp debian CWE-787	8.1
2021-04-02	CVE-2021-1844	Out-of-bounds Write vulnerability in multiple products A memory corruption issue was addressed with improved validation. network low complexity apple debian fedoraproject CWE-787	8.8